An Explanation of CISPA for Small Businesses

Emily VonSydow | Comments Off on An Explanation of CISPA for Small Businesses

Recently the House of Representatives passed CISPA, the Cyber Intelligence Sharing and Protection Act. With the SOPA debate that occurred earlier this year, not to mention its sister PIPA and several other lesser-known initiatives, 2012 seems rife with technology legislation for small business owners to wade through.

Although some are comparing SOPA and CISPA, there is little similarity. While SOPA was an attempt to prevent copyright infringements on the internet, CISPA is trying to reduce cyberattacks through data sharing. The bill allows private companies to share data about potential cyberattacks; this data can be shared with other companies or with the federal government.

SOPA was almost universally rejected in the tech world (in some cases quite vehemently). CISPA, on the other hand, has garnered more support. Microsoft and Facebook (at least as of this writing) have both expressed open support of the bill. Companies in support of CISPA maintain that the legal right to share data will help them better defend their networks against cyberterrorism. Even tech giant Google has declined to take a formal position on the bill, thus giving it tacit support, according to some. The only major player in the technology space that publically opposes CISPA is Mozilla, the creator of the popular Firefox web browser.

Why does Mozilla stand as one of the lone opponents to CISPA? One word: privacy. Mozilla sent a statement to Forbes summarizing its official viewpoint: “The bill infringes on our privacy, includes vague definitions of cybersecurity, and grants immunities to companies and government that are too broad around information misuse.”

CISPA’s effect (if it passes the Senate in its current form) will probably be felt mostly by individuals. Of course, anything that affects individuals will affect the small businesses run by those individuals. Do you use Salesforce for customer relationship management? Your data could be shared with other companies if it’s deemed useful to investigations of cyberattacks. Even your email could be subject to this, unless it is hosted on a server you own and not in the cloud.

Both opponents and supporters of CISPA agree that we need to continue the fight against cyberattacks. Many entities—especially non-profit privacy advocate groups—see CISPA as a step too far, infringing the basic rights of American citizens. Others, like tech companies that stand to lose the most from hacking and other cyberattacks, see CISPA as a step in the right direction. Interestingly, the White House has threatened to veto the bill, should it reach the President’s desk in its current form. Where do you stand on this issue?